Cybersecurity Basics and Threats MCQ for Professionals
Enhance your knowledge of cybersecurity basics and common threats with our MCQ Test. Test your skills on security protocols, malware and cyberattack prevention. Perfect for professionals and IT experts in the USA, UK, Canada and Australia.
📌 Important Instructions
- ✅ This is a free test. Beware of scammers who ask for money to attend this test.
- 📋 Total Number of Questions: 30
- ⏳ Time Allotted: 30 Minutes
- 📝 Marking Scheme: Each question carries 1 mark. There is no negative marking.
- ⚠️ Do not refresh or close the page during the test, as it may result in loss of progress.
- 🔍 Read each question carefully before selecting your answer.
- 🎯 All the best! Give your best effort and ace the test! 🚀
Time Left: 00:00
1. What is the primary goal of cybersecurity?
- To ensure that systems and data are protected from unauthorized access and attacks
- To make systems faster and more efficient
- To improve the performance of websites
- To protect only sensitive financial data
2. Which of the following is an example of a social engineering attack?
- Phishing
- Man-in-the-middle attack
- Denial-of-Service (DoS) attack
- SQL injection
3. What does the term "malware" refer to?
- Software designed to protect against cyberattacks
- Software used for data backup
- Malicious software intended to cause harm or unauthorized access
- Software used for network optimization
4. Which of the following is a common type of malware that encrypts files and demands payment for decryption?
- Trojan horse
- Worm
- Ransomware
- Spyware
5. What does the term "phishing" refer to in cybersecurity?
- A technique used to track online activities
- A form of attack where fraudulent emails or websites deceive users into providing sensitive information
- A type of virus that replicates itself
- An encrypted communication method used for secure transactions
6. Which of the following is an example of a brute-force attack?
- Guessing passwords through automated software until the correct one is found
- Exploiting a vulnerability in a website
- Using social engineering to gather personal information
- Intercepting network traffic to steal data
7. What is a firewall primarily used for?
- To enhance the user interface of a website
- To protect a computer network by controlling incoming and outgoing traffic
- To make websites load faster
- To clean up viruses from infected files
8. Which of the following best describes a Denial-of-Service (DoS) attack?
- A threat to steal financial information
- An attempt to make a service unavailable by overwhelming it with excessive traffic
- A method of exploiting system vulnerabilities
- A technique for bypassing authentication mechanisms
9. What is the purpose of encryption in cybersecurity?
- To prevent unauthorized access to data by transforming it into unreadable content
- To speed up the transmission of sensitive data
- To prevent users from accessing certain files
- To improve the aesthetic appeal of data
10. Which of the following is a vulnerability in a system that can be exploited by attackers?
- Patch
- Software bug or flaw
- Encryption key
- Secure password
11. What is the purpose of a VPN (Virtual Private Network)?
- To increase the speed of internet browsing
- To allow secure communication over a public network by encrypting data
- To block access to specific websites
- To improve Wi-Fi signal strength
12. Which of the following is an example of a passive cybersecurity defense?
- Encryption
- Firewall
- Intrusion detection system (IDS)
- Security awareness training
13. What does the term "data breach" refer to?
- The practice of backing up data to external storage
- Unauthorized access or disclosure of sensitive data
- The act of hacking into a system without leaving traces
- A type of encrypted communication
14. Which of the following is a common method of securing communication on the internet?
- Using a VPN to encrypt traffic
- Installing anti-virus software
- Disabling firewalls
- Using weak passwords
15. What is "cross-site scripting" (XSS)?
- An attack that injects malicious scripts into web pages viewed by users
- A method for bypassing authentication systems
- An attack to steal sensitive data from databases
- A denial-of-service attack
16. Which of the following is a feature of an effective incident response plan?
- Regular updates to address new threats
- Ignoring low-level threats
- Relying solely on external support
- Focusing on prevention only
17. What is the purpose of a "zero-day" exploit?
- To exploit vulnerabilities in a system before the vendor has released a patch
- To encrypt sensitive files
- To block access to websites
- To prevent unauthorized users from accessing a network
18. Which of the following types of malware attempts to exploit a security flaw in a program to execute arbitrary code?
- Worm
- Trojan horse
- Buffer overflow
- Rootkit
19. What does the term "social engineering" refer to in cybersecurity?
- Using technical skills to hack systems
- Manipulating individuals into divulging confidential information or performing actions that compromise security
- Using firewalls to block attacks
- Testing the security of a network
20. What does an "IDS" (Intrusion Detection System) do?
- Prevents unauthorized access to a network
- Detects potential security breaches or attacks in real-time
- Manages network traffic
- Encrypts sensitive data
21. What does the acronym "APT" stand for in cybersecurity?
- Advanced Persistent Threat
- Advanced Protected Technique
- Automated Phishing Tool
- Authorized Penetration Test
22. Which of the following is NOT a good practice for safeguarding sensitive data?
- Using encryption to protect data in transit and at rest
- Regularly updating security patches
- Storing passwords in plain text
- Restricting access to sensitive data based on roles
23. What is the function of an "antivirus" program?
- To prevent hackers from accessing your device
- To detect and remove malicious software
- To optimize the performance of a computer
- To block unauthorized network traffic
24. Which of the following is considered an insider threat?
- An attacker who gains unauthorized access from outside the organization
- A system glitch that causes a security breach
- An employee who intentionally or unintentionally compromises security
- A malicious script targeting a website
25. What does a "Man-in-the-Middle" (MitM) attack involve?
- Intercepting communication between two parties to alter or steal information
- Injecting malicious code into a website to steal data
- Overloading a network with traffic to cause a denial of service
- Phishing for login credentials through email
26. What does the term "patch management" refer to in cybersecurity?
- The process of updating software to fix vulnerabilities and improve security
- The practice of using firewalls to block incoming traffic
- Monitoring networks for any signs of unauthorized access
- Encrypting sensitive data during transmission
27. Which of the following is an example of a physical security measure in cybersecurity?
- Using multi-factor authentication
- Installing biometric authentication systems
- Using encryption to protect stored data
- Implementing access control lists (ACLs)
28. Which of the following describes a "backdoor" in cybersecurity?
- A hidden method of bypassing normal authentication to access a system
- A vulnerability that is intentionally left open by the software vendor
- A technique used to encrypt data for safe transmission
- A tool used for managing firewalls
29. What is the purpose of a "honeypot" in cybersecurity?
- To monitor network traffic for suspicious activity by simulating a vulnerable system
- To encrypt sensitive data in storage
- To limit access to specific users only
- To block spam and phishing attempts
30. What is the main function of a "sandbox" in cybersecurity testing?
- To provide a controlled environment for running and analyzing potentially malicious code
- To block unauthorized access to a network
- To create secure passwords for all users
- To encrypt traffic between systems